means that you request the column with index -1 in in the first row of a Cursor. The only part of your code that requests data from a Cursor is c.getString(columnIndex). That means that the columnIndex you get there must be -1. Now if you read the documentation of Cursor.getColumnIndex you see will find:

Returns the zero-based index for the given column name, or -1 if the column doesn't exist.

Meaning there is no column named "USR". If you look at your table definition you can see that you named it "usr". So to fix your error you can do

String firstName = c.getString(c.getColumnIndex("usr"));

But (that is optional and can lead to errors): Since you requested the Cursor as SELECT id, usr FROM .. you are guaranteed that id is column 0 and usr is column 1 in your Cursor and you can simply use the 1 directly.

a) you can simplify the if () do {} while () to a simple while() {}b) you should close the Cursor once you don't need it. You prevent at least a warning that way.

You should also make your INSERT save against errors / injection attacks by using the bindArgs version of execSQL. Try entering a ' in a username and you will see that it will crash the way you do it. Using bindArgs will prevent that since it automatically escapes the '.

If I comment this line, it doesn't crashes anymore, but I don't see why

That is because the Cursor is empty then and you don't reach the code that caused the error.

One last thing: varchar(128) has no effect in SQLite since:

Note that numeric arguments in parentheses that following the type name (ex: "VARCHAR(255)") are ignored by SQLite - SQLite does not impose any length restrictions on the length of strings, BLOBs or numeric values. source